Commit Graph

677 Commits

Author SHA1 Message Date
nekral-guest
77c1b2a369 * src/newgrp.c: Added assertion to guide splint (and me). 2009-04-23 11:17:22 +00:00
nekral-guest
614c79defc * libmisc/xgetXXbyYY.c, libmisc/myname.c, libmisc/getgr_nam_gid.c,
libmisc/salt.c, libmisc/list.c, libmisc/cleanup.c, src/login.c,
	lib/getdef.h, lib/groupio.c, lib/getlong.c, lib/gshadow_.h,
	lib/sgroupio.c, lib/shadowio.c, lib/pwio.c, lib/commonio.h,
	lib/fputsx.c, lib/prototypes.h: Added splint annotations.
	* lib/groupio.c: Avoid implicit conversion of pointers to
	booleans.
	* lib/groupio.c: Free allocated buffers in case of failure.
2009-04-23 09:57:03 +00:00
nekral-guest
54302f6006 * src/login.c: Added splint annotations. 2009-04-22 20:53:15 +00:00
nekral-guest
2a32262725 * src/login.c: Added assert()s for NULL (or ! NULL) username, and
pwd. This helps splint.
2009-04-22 20:51:13 +00:00
nekral-guest
e35a7fbd89 Re-indent. 2009-04-22 20:48:42 +00:00
nekral-guest
c55311aa6d * src/login.c: After login_prompt(), do not check for unset
username, but for empty username.
2009-04-22 20:46:49 +00:00
nekral-guest
3704745289 * lib/defines.h: Define USER_NAME_MAX_LENGTH, based on utmp and
default to 32.
	* libmisc/chkname.c: Use USER_NAME_MAX_LENGTH.
	* src/login.c: Use USER_NAME_MAX_LENGTH instead of the default 32.
	username also needs to be bigger than USER_NAME_MAX_LENGTH because
	it has to be nul-terminated.
2009-04-22 20:42:48 +00:00
nekral-guest
eae8b63d4f * src/login.c: Use xmalloc() instead of malloc(). 2009-04-22 20:21:17 +00:00
nekral-guest
349efcb0a6 * src/login.c: Ignore the return value of puts(), fputs(),
strftime().
2009-04-22 20:17:11 +00:00
nekral-guest
46d697cded * src/login.c: timeout, delay, and retries should be unsigned.
* src/login.c: Ignore the return value of alarm() and sleep().
2009-04-22 20:15:21 +00:00
nekral-guest
53e0ff91d3 * src/login.c: If we cannot get the terminal configuration, do not
change the terminal configuration. setup_tty() is just a best
	effort configuration of the terminal.
	* src/login.c: Ignore failures when setting the terminal
	configuration.
	* src/login.c: Fail if the ERASECHAR or KILLCHAR configurations
	are not compatible with a cc_t type.
2009-04-22 20:12:06 +00:00
nekral-guest
a362a68f53 * src/login.c: utent might be NULL after get_current_utmp(). 2009-04-22 20:07:34 +00:00
nekral-guest
332a50c273 * src/login.c: Removed temp_shell. No more used.
* src/login.c: lastlog is only used #ifndef USE_PAM
	* src/login.c: Rename lastlog to ll to avoid name clash with the
	lastlog type.
2009-04-22 20:03:26 +00:00
nekral-guest
790dbb07fc * src/login.c: Added update_utmp() to group the prepare_utmp and
setutmp (and the utmpx versions).
2009-04-22 19:58:39 +00:00
nekral-guest
f59a69f4b6 * src/login.c: Do not include netdb.h. gethostbyname() is no more
called from within login.c. Also UT_ADDR does not exist anymore.
2009-04-22 19:54:28 +00:00
nekral-guest
efcbbc3d74 * src/login.c: Check if login is run with effective root
privileges. This should be more helpful to users than a failure to
	find an utmp entry or failure to access a file.
2009-04-21 22:46:01 +00:00
nekral-guest
82c1a583f8 * libmisc/utmp.c: Reworked. Get rid of Linux specific stuff. Get rid
of global utent/utxent variables. Only reuse the ut_id and maybe
	the ut_host fields from utmp.
	* lib/prototypes.h, libmisc/utmp.c: Removed checkutmp(),
	setutmp(), setutmpx().
	* lib/prototypes.h, libmisc/utmp.c: Added get_current_utmp(),
	prepare_utmp(), prepare_utmpx(), setutmp(), setutmpx().
	* libmisc/utmp.c (is_my_tty): Only compare the name of the utmp
	line with ttyname(). (No stat of the two terminals to compare the
	devices).
	* libmisc/utmp.c: Use getaddrinfo() to get the address of the
	host.
	* configure.in: Check for getaddrinfo().
	* configure.in: Use AC_CHECK_MEMBERS to check for the existence of
	fields in the utmp/utmpx structures.
	* configure.in: Reject systems with utmpx support but no ut_id
	field in utmp. This could be fixed later if needed.
	* src/login.c: Use the new utmp functions. This also simplifies
	the failtmp() handling.
	* src/login.c: passwd_free() renamed to pw_free() and
	shadow_free() renamed to spw_free()
2009-04-21 22:39:14 +00:00
nekral-guest
9efd6a53d2 * NEWS, src/lastlog.c: Fix regression causing empty reports. 2009-04-20 14:04:48 +00:00
nekral-guest
18fdfee274 * src/login.c: Get rid of pwent. pwd is sufficient as long as it
is always coming from xgetpwnam. There is no need to copy pwd to
	pwent, this was not a good idea anyway as the strings from pwd
	were not duplicated.
	* src/login.c: Always free the pwd and spwd structure when we
	retrieve a new one. This will clear the password of the previous
	user from the memory.
	* src/login.c: user_passwd is used to keep point to the password
	of the user being authenticated.
	* src/login.c: (non PAM) Fail if the user's entry cannot be found
	after the user updated her password (if expire() requested an
	update).
	* src/login.c: If the user does not exist on the system, there is
	no need to build a pwd structure (with shell).
2009-04-20 13:29:15 +00:00
nekral-guest
a6ac4dda75 * src/login.c: ttytype already checks for TTYTYPE_FILE and TERM.
Just call ttytype.
2009-04-20 13:12:09 +00:00
nekral-guest
29c3763f9c Re-indent. 2009-04-20 13:10:20 +00:00
nekral-guest
c694843da5 * src/login.c: Open the PAM session before pam_setcred and before
initgroups. This is more consistent with rfc86.0.
2009-04-20 12:54:17 +00:00
nekral-guest
432faba3e1 * src/login.c: Added helper functions get_pam_user() and
get_failent_user().
2009-04-20 12:47:04 +00:00
nekral-guest
70e1a5c9b6 * src/login.c: Added parameter to check_nologin. This will help
getting rid of the global pwent variable.
2009-04-20 12:33:01 +00:00
nekral-guest
61c1d100dc * src/login.c: Added comments.
* src/login.c: Close the user and group files before dropping root
	privileges.
2009-04-20 12:27:27 +00:00
nekral-guest
3508f7dccc * src/login.c: We do not need to keep the old umask. Discard the
umask() return value.
2009-04-20 12:17:38 +00:00
nekral-guest
1bcf2ffb59 * libmisc/hushed.c, lib/prototypes.h, src/login.c: Change the
hushed() prototype to take a username instead of a passwd
	structure in argument. The passwd entry is retrieved withing
	hushed().
2009-04-20 11:48:59 +00:00
nekral-guest
a87e747049 * libmisc/failure.h, libmisc/failure.c, src/login.c: Added
username as first parameter of failtmp to avoid issues with
	non-null terminated ut_user, unavailability of ut_user, incomplete
	username (that should not happen currently).
2009-04-20 11:37:41 +00:00
nekral-guest
131e95ffaf * NEWS, src/login.c: Also check if the authentication token of the
user has to be updated in case the user was already authenticated.
2009-04-19 16:22:17 +00:00
nekral-guest
ca10b825c7 * src/login.c: fflg is already restricted to root. Move
pam_acct_mgmt(), in case of fflg, earlier. This is equivalent and
	simplifies the code.
2009-04-19 16:09:00 +00:00
nekral-guest
8156c3b0be * src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do
not get set to unsanitized values.
2009-04-19 13:33:24 +00:00
nekral-guest
5298ac3dd9 * NEWS, src/login.c: Do not trust the current utmp entry's ut_line
to set PAM_TTY.
2009-04-17 20:40:26 +00:00
nekral-guest
4d2bee2e23 * NEWS, src/userdel.c: Fixed SE Linux support. semanage should be
called at the end.
	* src/useradd.c: Always call selinux_update_mapping() (i.e.
	semanage), not only when -Z is used.
2009-04-15 21:14:08 +00:00
nekral-guest
a24058d660 * NEWS, srclib/getlong.c: Fix parsing of octal numbers.
* NEWS, src/login.c: Fix segfault when no user is provided on the
	command line.
2009-04-15 17:50:17 +00:00
nekral-guest
5fa86c2b42 * NEW, src/vipw.c: SE Linux: Set the default context to the
context of the file being edited. This ensures that the backup
	file inherit from the file's context.
2009-04-15 17:42:27 +00:00
nekral-guest
6b46161f2d * src/su.c: If there are no root account, or if the root account
has an UID != 0, default to the first UID 0 account.
2009-04-12 00:28:32 +00:00
nekral-guest
08a212ccae * src/login.c: Restore the echoctl, echoke, onclr flags to the
terminal termio flags. Reset echoprt, noflsh, tostop. This
	behavior seems to have change by mistake in earlier releases
	(4.0.8, for no obvious reason).
2009-04-12 00:17:36 +00:00
nekral-guest
64a9f33ffa * src/login.c: Fix the count of failures before login exits in
case of PAM enabled configurations.
2009-04-12 00:08:26 +00:00
nekral-guest
681c1d12b5 * src/newusers.c: Add more information to the mkdir and chown
failure messages.
2009-04-11 23:30:44 +00:00
nekral-guest
ac305b82a4 Fix typo. 2009-04-11 19:18:38 +00:00
nekral-guest
554d4f6b95 * src/usermod.c, src/useraddd.c: Fix the usage string so that it
does not change depending on the configure option. Use a format.
2009-04-11 18:39:56 +00:00
nekral-guest
80a30dfe6f * src/gpasswd.c: Fix the usage of the unused macro. 2009-04-11 18:37:59 +00:00
nekral-guest
cab74eddef * lib/prototypes.h, libmisc/age.c, src/expiry.c, src/login.c: A
shadow entry is now sufficient for agecheck. Remove the first
	passwd entry parameter.
2009-04-11 18:37:08 +00:00
nekral-guest
42590e062f * src/userdel.c: Rename argv to args to avoid nameclash with the
main() parameters.
2009-04-11 16:52:45 +00:00
nekral-guest
3fdefd3e40 * src/useradd.c, src/usermod.c: Only call selinux_update_mapping()
if Zflg is set.
2009-04-11 16:47:32 +00:00
nekral-guest
8d136297c4 * NEWS, src/useradd.c, man/useradd.8.xml: add -Z option to map
SELinux user for user's login.
	* NEWS, src/usermod.c, man/usermod.8.xml: Likewise.
	* libmisc/system.c, libmisc/Makefile.am, lib/prototypes.h: Added
	safe_system(). Used to run semanage.
	* lib/prototypes.h, libmisc/copydir.c: Make a
	selinux_file_context() an extern function.
	* libmisc/copydir.c: Reset SELinux to create files with default
	contexts at the end of copy_tree().
	* NEWS, src/userdel.c: Delete the SELinux user mapping for user's
	login.
2009-04-11 15:34:10 +00:00
nekral-guest
2c400eff94 * src/useradd.c (get_defaults): Close the default file after the
default values were read.
2009-04-11 14:55:49 +00:00
nekral-guest
689a7197a0 Re-indent. 2009-04-11 13:00:32 +00:00
nekral-guest
46861e6bd8 Removed declaration of ep. No more used.
Re-indent.
2009-04-10 22:35:32 +00:00
nekral-guest
304b0ec202 * src/chage.c: expdays renamed to expdate. It is a date, even if
expressed in a number of days since Jan 1, 1970.
	* src/chage.c: Likewise: lastday renamed to lstchgdate. Also fix
	the --lastday documentation.
2009-04-10 22:34:42 +00:00
nekral-guest
52238dd6a7 * src/chage.c: More strtol() replaced by getlong(). 2009-04-10 22:34:36 +00:00
nekral-guest
d548bf4742 * src/passwd.c: Replace getnumber() by getlong(). This permits to
get rid of another strtol().
2009-04-10 22:34:23 +00:00
nekral-guest
77459dc27d * src/useradd.c, src/usermod.c, libmisc/getgr_nam_gid.c,
libmisc/Makefile.am, lib/prototypes.h: Moved getgr_nam_gid() from
	src/useradd.c and src/usermod.c to libmisc/getgr_nam_gid.c.
2009-04-10 22:34:10 +00:00
nekral-guest
ffd3e43ad8 * src/useradd.c: Get rid of strtol.
* src/useradd.c: Provide better warning in case a default GROUP or
	INACTIVE value is not valid in /etc/default/useradd.
2009-04-10 22:34:04 +00:00
nekral-guest
95bc6eb7b2 * src/useradd.c: Re-indent. 2009-04-10 22:33:57 +00:00
nekral-guest
06c81b67c2 * src/useradd.c: Use getlong instead of get_number. 2009-04-10 22:33:50 +00:00
nekral-guest
c3f109556a * src/usermod.c: Re-indent.
* src/usermod.c: Specifying a inactivity value < -1 is not valid.
2009-04-10 22:33:43 +00:00
nekral-guest
021066a980 * src/passwd.c: do_update_age is only used ifndef USE_PAM. Make it
more explicit.
2009-04-05 22:04:31 +00:00
nekral-guest
a1cac18ac3 * src/useradd.c: Set errno to 0 before calling strtol. 2009-04-05 22:02:50 +00:00
nekral-guest
f703b686da Fix typo. 2009-04-05 21:56:37 +00:00
nekral-guest
3511b1de80 Updated copyright dates. 2009-04-05 21:23:42 +00:00
nekral-guest
b23443630c * libmisc/pwd2spwd.c, src/chpasswd.c, src/newusers.c,
src/passwd.c, src/pwck.c, src/pwconv.c, src/useradd.c,
	src/usermod.c: On Jan 01, 1970, do not set the sp_lstchg field to
	0 (which means that the password shall be changed during the next
	login), but use -1 (password aging disabled).
	* src/passwd.c: Do not check sp_min if sp_lstchg is null or -1.
2009-04-05 21:23:27 +00:00
nekral-guest
7585fa0fe9 * src/chage.c: When no shadow entry exist, thedefault sp_lstchg
value should be -1 (no aging) rather than 0 (password must be
	changed).
	* src/chage.c: For password expiration and inactivity, indicate
	that the password must be changed when sp_lstchg is null rather
	than indicating that expiration and inactivity are not enabled.
2009-04-05 21:23:17 +00:00
nekral-guest
996e842149 Added missing space at the end of the question. 2009-03-22 12:32:40 +00:00
nekral-guest
503976fc6a * src/grpck.c (check_members): When a member is removed, do not
increase the index.
	* src/grpck.c: Fix typo in messages and comments.
2009-03-21 19:42:48 +00:00
nekral-guest
a65c2c9b18 * src/vipw.c: Likewise for the backup file. 2009-03-21 19:28:02 +00:00
nekral-guest
5331930716 * src/usermod.c: Likewise for the faillog and lastlog file. 2009-03-21 19:25:02 +00:00
nekral-guest
96c7b12bc4 * src/useradd.c: Likewise for the default file, faillog, lastlog,
and mail spool.
2009-03-21 19:18:06 +00:00
nekral-guest
a8e9fc86eb * src/groupmod.c: Embed gshadow related cleanup in #ifdef
SHADOWGRP.
2009-03-15 21:38:08 +00:00
nekral-guest
a402c4db3b * src/usermod.c: get_number() replaced by getlong().
* src/usermod.c: When the user is renamed, make sure we do not
	override an user with the same name (in passwd or shadow).
2009-03-15 21:34:20 +00:00
nekral-guest
780af2653a * src/gpasswd.c: log_gpasswd_success_gshadow is in the cleanup
stack only when the shadow group file is present.
2009-03-15 21:32:26 +00:00
nekral-guest
9372111aaa * NEWS, src/userdel.c: Make sure the user exists in the shadow
database before calling spw_remove().
	* NEWS, src/userdel.c: When the user's group is removed, make sure
	the group is in the gshadow database before calling sgr_remove().
	* src/userdel.c: Improve warning's wording.
2009-03-15 21:29:16 +00:00
nekral-guest
730fc8fc33 * src/faillog.c: Added support for the specification of a range of
users with -u.
	* src/faillog.c: Do not call print_one() for users which do not
	exist.
	* src/faillog.c: Make sure the user's entry is not outside the
	faillog file and initialize the faillog structure in that case.
	* src/faillog.c: Move print_one() closer to print().
	* src/faillog.c: reset(), setmax(), set_locktime() can also change
	entries of user which do not exist.
	* src/faillog.c: reset(), setmax() and set_locktime() shall not
	create entries for users which have no entries if the value has to
	be set to 0.
	* src/faillog.c: reset(), setmax() and set_locktime(): better
	handling of users whose entry is outside the faillog file.
	* src/faillog.c: Improved option handling. Options can now be
	specified in any order.
	* src/faillog.c: Improved warnings when options are not
	compatible or when the faillog cannot be open with the right mode.
	* src/faillog.c: Only fstat the faillog file once.
	* man/faillog.8.xml: Improved documentation.
2009-03-13 22:49:20 +00:00
nekral-guest
fafe281d31 * src/useradd.c, man/useradd.8.xml: Added long name for the -l
option: --no-log-init.
2009-03-13 22:30:38 +00:00
nekral-guest
f98b47eb55 * src/chpasswd.c: Make sure the SHA related variables is not
compiled when disabled at configuration time.
	* src/chgpasswd.c: Make sure the SHA related variables is not
	compiled when disabled at configuration time.
	* src/chgpasswd.c: Fix the test for getlong() failure.
2009-03-13 22:28:27 +00:00
nekral-guest
e3e64317e8 * src/newusers.c: Make sure the SHA related variables are not
compiled when disabled at configuration time.
	* src/newusers.c: Added FIXME
2009-03-13 22:26:35 +00:00
nekral-guest
f2c8017df4 * src/gpasswd.c: Remove the documentation of options from the
main() documentation. It will always be outdated here.
2009-03-13 22:21:26 +00:00
nekral-guest
bf9036d27a * src/lastlog.c: lastlog variable renamed to ll to avoid name
clash with the structure.
	* src/lastlog.c: check the offset in print_one() so that it is
	used for the display of one entry or a set of entries.
	* src/lastlog.c: Do not loop over the whole user database when -u
	is used with a single user.
	* src/lastlog.c: Check the size of the lastlog file so that we
	can identify failures to read.
2009-03-13 22:20:20 +00:00
nekral-guest
1dc04372df Compile fixes. Fixes warnings. 2009-03-08 23:30:25 +00:00
nekral-guest
27153ae92b * src/gpasswd.c: log_gpasswd_success_gshadow only exists ifdef
SHADOWGRP.
2009-03-08 23:29:46 +00:00
nekral-guest
28d7f83c87 * NEWS, src/newusers.c, src/usermod.c, src/useradd.c,
src/groupmod.c, src/groupadd.c: Make sure no user or group are
	created with an ID set to -1.
2009-03-08 20:43:15 +00:00
nekral-guest
c9121d025f * NEWS, src/grpck.c, src/pwck.c: Issue a warning if an ID is set
to -1.
2009-03-08 20:28:55 +00:00
nekral-guest
f2d6449374 * NEWS, src/gpasswd.c: Only report success to audit and syslog
when the changes are committed to the system. Do not log failure
	for on-memory changes to audit or syslog. Make sure failures and
	inconsistencies will be reported in case of unexpected failures
	(e.g. malloc failures). Only specify an audit message if it is not
	implicitly implied by the type argument. Removed fail_exit
	(replaced by atexit(do_cleanups)). Log failures in case of
	permission denied.
2009-01-26 22:03:37 +00:00
nekral-guest
d8c9236a18 * NEWS, src/su.c: Preserve COLORTERM in addition to TERM when su
is called with the -l option.
2009-01-06 20:13:31 +00:00
nekral-guest
3cb730bcfe * src/Makefile.am: Only link with the needed library. When
compiled with PAM support, chfn, chsh, login, newgrp, passwd, and
	su do not need the libcrypt library.
2008-12-23 00:44:29 +00:00
nekral-guest
915ec6531a * src/groupdel.c: Remove the fail_exit () declaration. 2008-12-22 23:23:14 +00:00
nekral-guest
1df7433e44 Fix typo. 2008-12-22 22:13:50 +00:00
nekral-guest
0bd396011a * src/gpasswd.c: Fix the support for usernames with arbitrary
length.
2008-12-22 22:13:23 +00:00
nekral-guest
9d977dba8e * src/groupdel.c: Re-indent. 2008-12-22 22:07:12 +00:00
nekral-guest
ad7a108d60 * src/groupmod.c: Re-indent.
* src/groupmod.c: Do not add the command synopsis to the main ()
	documentation. This avoids outdated information.
2008-12-22 22:06:27 +00:00
nekral-guest
fca6aeeea2 * src/groupadd.c: Re-indent. 2008-12-22 22:03:34 +00:00
nekral-guest
5b8ff14caf * libmisc/audit_help.c: Added audit_logger_message() to log
messages not related to an account.
	* lib/prototypes.h, libmisc/cleanup.c, libmisc/cleanup_group.c,
	libmisc/cleanup_user.c, libmisc/Makefile.am: Added stack of
	cleanup functions to be executed on exit.
	* NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c: Only
	report success to audit and syslog when the changes are committed
	to the system. Do not log failure for on-memory changes to audit
	or syslog. Make sure failures and inconsistencies will be reported
	in case of unexpected failures (e.g. malloc failures). Only
	specify an audit message if it is not implicitly implied by the
	type argument. Removed fail_exit (replaced by atexit(do_cleanups)).
2008-12-22 21:52:43 +00:00
nekral-guest
a438c2f184 * NEWS, src/gpasswd.c: Added support usernames with arbitrary
length.
2008-12-15 21:54:53 +00:00
nekral-guest
93358ac3de * src/su.c: (!USE_PAM) Provide visible information indicating that
su was denied.
2008-11-23 12:10:21 +00:00
nekral-guest
a324a7f13f * NEWS, libmisc/chowntty.c, libmisc/utmp.c: is_my_tty() moved from
utmp.c to chowntty.c. checkutmp() now only uses an existing utmp
	entry if the pid matches and ut_line matches with the current tty.
	This fixes a possible DOS when entries can be forged in the utmp
	file.
	* libmisc/chowntty.c, src/login.c, lib/prototypes.h: Remove the
	tty argument from chown_tty. chown_tty always changes stdin and
	does not need this argument anymore.
2008-11-22 23:56:11 +00:00
nekral-guest
4d49f543dd * src/login.c: Always check the return value of the pam_* APIs. 2008-09-20 21:17:26 +00:00
nekral-guest
d400af51fa * src/login.c, man/login.1.xml: the username is not an optional
parameter of -f. Fix the getopt optstring, remove the parsing of
	username in the -f processing block, and remove unnecessary checks
	(username cannot be parsed twice anymore), better documentation of
	the synopsis.
2008-09-20 20:20:19 +00:00
nekral-guest
c8d2175981 * src/login.c: Erase the username later since it it used for the
fake password check (in case of empty password).
2008-09-20 20:05:22 +00:00
nekral-guest
11c7543c76 * src/login.c: Explicitly tag the end of the #ifdef RLOGIN
sections.
2008-09-20 20:03:04 +00:00
nekral-guest
29d4533047 * src/login.c: Check that no username is specified with -r.
* src/login.c: Make sure a username is specified with -f.
2008-09-20 20:00:51 +00:00
nekral-guest
c813e692a2 * src/login.c: Copy the name of the user authenticated by PAM to
username. This simplify later logging (avoid USE_PAM
	conditional).
2008-09-20 19:54:35 +00:00
nekral-guest
65e32d850c * src/login.c: Use a dynamic buffer for usernames. 2008-09-20 19:44:12 +00:00
nekral-guest
9f2ce12b28 * src/login.c: Existence of pam_user was already checked. pwd was
already copied to pwent. Remove duplicated code.
2008-09-20 16:23:04 +00:00
nekral-guest
f4860274be * src/login.c: check_flags() renamed process_flags(). All flag
processing blocs moved to process_flags().
2008-09-20 16:21:46 +00:00
nekral-guest
6b17118e72 * src/logoutd.c, src/userdel.c: Re-indent. This helps pmccabe. 2008-09-20 14:56:10 +00:00
nekral-guest
54a0762bbb * src/login.c: Re-indent. 2008-09-20 14:39:09 +00:00
nekral-guest
1e3f19ad89 * src/login.c: Add missing closing }. This was probably never
noticed because UT_ADDR is never defined.
2008-09-20 14:21:51 +00:00
nekral-guest
5b73a0492d * src/login.c: Do not mix USE_PAM and !USE_PAM code. 2008-09-20 14:17:20 +00:00
nekral-guest
9fa519c983 * src/login.c: Use failent_user to log to audit. username is the
caller, not the user login tries to authenticate.
	* src/login.c: Use pwd->pw_name instead of pwd->pw_uid. This might
	be more precise (name must be unique, uid might not be).
2008-09-20 13:20:31 +00:00
nekral-guest
f3df48ab4f * src/useradd.c: Added missing declaration of Mflg.
* src/pwck.c: Only unlock files if they were locked before (e.g.
	not in read-only mode).
	* src/pwck.c: Quote the username in error messages (harmonization
	with other messages).
	* libmisc/find_new_gid.c: Fixed typo (s/grp->gr_gid/group_id/).
	* libmisc/find_new_gid.c: Likewise.
2008-09-14 13:42:10 +00:00
nekral-guest
5df1f2f683 * libmisc/setugid.c, src/login_nopam.c, src/suauth.c,
lib/getdef.c: Replace the %m format string by strerror(). This
	avoids errno to be reset between the system call error and the
	report function.
2008-09-13 18:03:50 +00:00
nekral-guest
b18d46e68d * NEWS, etc/login.defs: New CREATE_HOME variable to tell useradd
to create a home directory for new users.
	* src/useradd.c, man/useradd.8.xml: New -M/--no-create-home option
	and CREATE_HOME usage. System accounts are not impacted by
	CREATE_HOME.
	* man/useradd.8.xml: Indicate that a new group is created by
	default.
	* src/useradd.c: Removed TODO item (moved to the TODO file).
2008-09-13 11:55:41 +00:00
nekral-guest
bab84a13ff Additional PAM cleanup:
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
	src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
	src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
	src/chsh.c: If the username cannot be determined, report it as
	such (not a PAM authentication failure).
2008-09-06 23:46:44 +00:00
nekral-guest
4976708c00 * src/gpasswd.c: Document the long options in the usage. 2008-09-06 22:20:19 +00:00
nekral-guest
f8aef607ae * configure.in: Added option --enable-account-tools-setuid to
enable/disable the usage of PAM to authenticate the callers of
	account management tools: chage, chgpasswd, chpasswd, groupadd,
	groupdel, groupmod, useradd, userdel, usermod.
	* src/Makefile.am: Do not link the above tools with libpam if
	account-tools-setuid is disabled.
	* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
	src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
	src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
	(--enable-account-tools-setuid).
	* etc/pam.d/Makefile.am: Install the pam service file for the
	above tools only when needed.
	* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
	needed to initialize retval to PAM_SUCCESS.
2008-09-06 21:35:37 +00:00
nekral-guest
70cf08329b * src/groupmems.c: Call open_files() and close_files().
* src/groupmems.c: Always call check_perms(), which takes care of
	checking if --list is used.
2008-09-06 16:27:21 +00:00
nekral-guest
18fc4505d3 * src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
	src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
	src/chsh.c: Simplify the PAM error handling. Do not keep the pamh
	handle, but terminate the PAM transaction as soon as possible if
	there are no PAM session opened.
2008-09-06 13:28:02 +00:00
nekral-guest
ee4e367ea8 * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
	src/groupadd.c, src/chage.c, src/login.c, src/grpconv.c,
	src/groups.c, src/grpunconv.c, src/chsh.c: Prog is now global (not
	static to the file) so that it can be used by the helper functions
	of libmisc.
	* lib/prototypes.h: Added extern char *Prog.
	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Indicate the
	program name with the warning.
2008-09-06 12:51:53 +00:00
nekral-guest
e3ebd2c736 * src/useradd.c: Fix comment of lflg: it is also used for faillog. 2008-09-04 20:46:00 +00:00
nekral-guest
7e17182e4c * NEWS, src/groupmems.c, man/groupmems.8.xml: Document the long
options.
2008-09-04 20:20:20 +00:00
nekral-guest
a21809cdae * lib/prototypes.h, libmisc/audit_help.c: Define new type
shadow_audit_result for the result argument of audit_logger().
	This permits stronger type checking and a better readability of
	the results (SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS constants).
	* src/groupadd.c, src/groupdel.c, src/useradd.c, src/userdel.c:
	Use the SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS results instead
	of 0 or 1 in audit_logger().
2008-09-04 19:35:48 +00:00
nekral-guest
3dcaaf87e7 * src/userdel.c: Log failures to remove the mailbox to syslog and
audit.
	* src/userdel.c: Log successful removal of home directory to audit
	only in case of success.
	* src/userdel.c: Move the audit log of failure to remove the home
	directory before the call to function that may exit.
	* src/userdel.c: Document that errors is only used to count errors
	during the removal of the home directory.
2008-09-03 21:22:04 +00:00
nekral-guest
f3c7ca59c5 * src/useradd.c: Log errors to syslog in grp_update() since
changes have started to be reported to syslog.
	* src/userdel.c: Fix some result parameters sent to
	audit_logger().

	* NEWS: Following changes from a patch contributed by Steve Grubb
	<sgrubb@redhat.com>
	* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
	of AUDIT_USER_CHAUTHTOK.
	* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead 
	of AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
	AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
	AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Add missing logs to audit.
	* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
	AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
	* src/userdel.c: Add missing logs to audit.
2008-09-03 21:02:32 +00:00
nekral-guest
abddd42aa0 * src/groupmems.c: Remove duplicated gr_open(). 2008-08-31 17:41:03 +00:00
nekral-guest
614e95af39 * src/su.c: Add brackets and parenthesis.
* src/su.c: Avoid implicit conversion of pointers to booleans.
2008-08-31 17:30:30 +00:00
nekral-guest
c04189bfb6 * src/pwconv.c, src/pwunconv.c: Fail if unexpected parameters are
provided.
2008-08-31 17:30:00 +00:00
nekral-guest
6c5e97e745 * src/passwd.c: Add brackets and parenthesis.
* src/passwd.c: Avoid implicit conversion of pointers to booleans.
	* src/passwd.c: Avoid assignments in comparisons.
2008-08-31 17:29:51 +00:00
nekral-guest
687ae4f4a8 Finish the support for shadow groups. 2008-08-31 17:29:41 +00:00
nekral-guest
87b56b19fb * NEWS, src/groupmems.c, man/groupmems.8.xml: Added support for
shadow groups.
	* src/groupmems.c: Use fail_exit() instead of exit().
2008-08-31 17:29:34 +00:00
nekral-guest
190a6e7687 re-indent. 2008-08-31 17:29:24 +00:00
nekral-guest
046fe0cfe0 * src/groupmems.c: Avoid mixed declarations and code. 2008-08-31 17:29:17 +00:00
nekral-guest
81e1dbc90e * src/groupmems.c: The grp structure returned by gr_locate is a
const. Duplicate this structure before working on it.
	* src/groupmems.c: Do not fail and do not display warnings if a
	close failure happens with the --list option. (Files are opened
	read-only).
2008-08-31 17:29:08 +00:00
nekral-guest
281721cd15 * src/gpasswd.c: Replace the 'valid' variable by is_valid to avoid
clashes with the valid() function.
2008-08-31 17:28:59 +00:00
nekral-guest
6b3266f228 * src/passwd.c: Fix a typo in the Usage string. 2008-08-31 17:28:39 +00:00
nekral-guest
ce4152c817 * src/logoutd.c: Fail if
unexpected parameters are provided.
2008-08-31 17:28:30 +00:00
nekral-guest
73877b22c4 * src/grpunconv.c: Fail if unexpected parameters
are provided.
	* src/grpunconv.c: Indicate that argc is not used
	in the no SHADOWGRP version.
2008-08-31 17:28:21 +00:00
nekral-guest
bf3e8f290c * src/grpconv.c, src/groups.c: Name the parameters in the
prototypes of the static functions.
	* src/grpconv.c: Fail if unexpected parameters are provided.
	* src/grpconv.c: Indicate that argc is not used in the no
	SHADOWGRP version.
2008-08-31 17:28:12 +00:00
nekral-guest
81a4edb776 Name the parameters in the prototypes of the static functions. 2008-08-31 17:28:03 +00:00
nekral-guest
399f453b4d * src/chgpasswd.c, src/chpasswd.c: Removed variable ok, which is
no more used.
2008-08-31 17:27:56 +00:00
nekral-guest
8e6c4b2e07 * src/chage.c: Fix the format for long integers (from %ul to %lu). 2008-08-31 17:27:47 +00:00
nekral-guest
cd6a300222 * configure.in, src/login.c: Do not use HAVE_PAM_FAIL_DELAY, but
HAS_PAM_FAIL_DELAY, to avoid a redefinition with Linux PAM.
2008-08-31 17:27:16 +00:00
nekral-guest
da693710f6 Revert " * src/groupmems.c: Added function open_°files and close_files to"
This reverts commit eb3860eb3647d1b092ffe9baa1eb2f73a27a0d87.
2008-08-31 17:26:55 +00:00
nekral-guest
71656e3cba * src/groupmems.c: Added function open_°files and close_files to
ease the support of gshadow.
	* src/groupmems.c: Always call check_perms(). This function now
	succeed when the requested action is to list the members.
2008-08-30 18:34:43 +00:00
nekral-guest
72d75d50d9 * src/groupmems.c: Added functions add_user(), remove_user(), and
purge_members() to ease the support of gshadow.
2008-08-30 18:34:24 +00:00
nekral-guest
cdf963b2b3 * src/expiry.c: Use Basename for Prog.
* src/expiry.c: Added missing OPENLOG.
2008-08-30 18:34:04 +00:00
nekral-guest
6598f82111 Added brackets. 2008-08-30 18:33:37 +00:00
nekral-guest
0802405344 * src/groupmems.c: Handle the options alphabetically. 2008-08-30 18:29:31 +00:00
nekral-guest
0c7df2f9a0 * src/groupmems.c: When removing an user, check if deluser is on
the list, not adduser. This fixes a segmentation fault for every
	call of groupmems -d.
	* libmisc/list.c: Add assertions to help identifying these issues.
	* libmisc/list.c: Avoid implicit conversion of pointers to
	booleans.
2008-08-30 18:29:08 +00:00
nekral-guest
77f81fa0b6 * NEWS, src/groupmems.c: Use the "groupmems" PAM service name
instead of "groupmod".
2008-08-30 18:28:45 +00:00
nekral-guest
8851893412 * src/chfn.c: Merge some translated messages.
* src/groupmems.c, src/groupadd.c, src/gpasswd.c, src/chsh.c,
	src/chfn.c: Harmonize *_update() failure messages.
	* src/groupmems.c: Harmonize gr_close() failure messages.
	* src/newgrp.c: Harmonize "unknown GID" messages.
	* src/newusers.c: Move the pwd declaration to a inner block scope.
2008-08-30 18:28:24 +00:00